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IN THE CLAIMS 
Please amend the claims as follows: 

1. (Currently Amended): A dynamically reconfigurable intrusion-tolerant network 
interposed between a [[service requesting]] service-requesting client and plural protected 
servers to minimize the impact of an intrusive event on the protected servers by providing 
plural r e spons e s to an incoming n e twork s e rvic e r e qu e st, th e plural r e spons e s gen e rat e d at at 
least one of the protect e d s e rv e rs in respons e to th e incoming n e twork s e rvic e r e qu e st and 
providing redundancy for th e intrusion tol e rant n e twork , comprising: 

a proxy server configured to receive the an incoming network service request from the 
client and to forward said request pursuant to a tolerance protocol to the plural protected 
servers; 

a network link for communication of the incoming network service requests from the 
proxy server to respective ones of the plural protected servers; 

at least two acceptance monitors configured to receive from the protected servers 
on e or mor e of th e plural respective responses and to apply one or mor e respective acceptance 
tests thereto , the respective responses generated at the protected servers in response to the 
incoming network service request and providing redundancy for the intrusion tolerant network ; 
and 

a ballot monitor configured to receive from the acceptance monito rs respective results 
of the applied acceptance tests and to determine a preferred response based on the respective 
results of the acceptance monitors said plural r e sponses to forward to the proxy server for 
transmission to the [[service requesting]] service-requesting client . 

2 (Currently Amended): A dynamically reconfigurable intrusion-tolerant network 
interposed between a service requesting client and plural protected servers to minimize the 
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impact of an intrusive event on the protected servers by providing plural r e sponses to an 
incoming network service r e qu e st, th e plural r e sponses g e n e rated at at l e ast on e of th e 
prot e ct e d s e r\^ e rs in r e sponse to th e incoming network service r e quest and providing 
redundancy for the intrusion tol e rant n e twork , comprising: 

a proxy server configured to receive incoming network service requests from the client 
and to forward said requests pursuant to a tolerance protocol to the protected servers; 

a network link connecting the proxv server to the protected servers and configured to 
forward the incoming network service requests to the protected servers: 

an at least two acceptance monitors configured to receive from the protected servers 
one or more of the plural respective responses and to apply one or mor e respective acceptance 
tests thereto , the respective responses generated at the protected servers in response to the 
incoming network service request and providing redundancv for the intrusion tolerant network ; 
and 

a ballot monitor configured to receive from the acceptance monito rs respective results 
of the applied acceptance tests and to determine a preferred response based on the respective 
results of the acceptance monitors said plural r e spons e s to forward to the proxv server for 
transmission to the [[service requesting]] service-requesting client ; 

an intrusion sensor responsive to anomalies in operation of the network and configured 
to detect threats to the network; and 

an adaptive reconfigurer configured to alter the tolerance protocol and to reconfigure a 
network forwarding scheme among the proxy servers, the acceptance monitors, and the ballot 
monitor in response to a predetermined condition. 

3 (Currently Amended): A network according to Claim 1, wherein said proxy server 
fiorther is configured to forward said incoming network service request to at least one of the 
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acceptance monitors and a the ballot monitor. 

4 (Currently Amended): A network according to Claim 1, wherein said proxy server 
comprises multiple indopondont proxy servers. 

5 (Cancelled). 

6 (Currently Amended): A network according to Claim 1, wherein said ballot monitor 
comprises multiple ind e p e nd e nt ballot monitors. 

7 (Previously Presented): A network according to Claim 2, wherein said intrusion 
sensor comprises a multiplicity of sensors configured to monitor predetermined operations of 
the network. 

8 (Currently Amended): A network according to Claim 2, wherein said adaptive 
reconfigurer is configured to reconfigure the network forwarding scheme to establish parallel 
forwarding among the protected servers, the acceptance monitors, and the ballot monitor. 

9 (Currently Amended): A network according to Claim 1 , wherein said proxy server is 
configured to forward said incoming network service request to the at least one of the protected 
servers, the acceptance monitors, and the ballot monitor. 

10 (Previously Presented): A network according to Claim 1, wherein said acceptance 
monitor is configured to apply one or more acceptance tests taken fi-om the group of 
satisfaction of requirements test, accounting test, reasonableness test, or computer run time 
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test. 

1 1 (Previously Presented): A network according to Claim 1, wherein said ballot 
monitor is configured to determine the preferred response using a process taken fi-om the group 
of simple majority voting, Byzantine agreement process, or adjudication process. 

12-14 (Cancelled). 

15 (Currently Amended): A network according to Claim 2, wherein at least one of the 
proxy servers, the acceptance monitors, the ballot monitor, the intrusion sensor, and the 
adaptive reconfigurer comprises a separate and ind e p e ndent processor. 

16 (Currently Amended): A network according to Claim 2, wherein two or more of the 
proxy servers, the acceptance monitors, the ballot monitor, the intrusion sensor, and the 
adaptive reconfigurer are configured to operate on a single processor. 

17 (Currently Amended): A network according to Claim 2, wherein the adaptive 
reconfigurer is configured to reconfigure the network forwarding scheme to establish multiple 
ind e p e nd e nt network forwarding paths. 

1 8 (Currently Amended): A method for reconfiguring communication among network 
components to minimize the impact of an intrusive eyent on plural protected servers-by 
providing plural r e Gpons e s to an incoming n e twork ser\^ico roquoGt, th e plural r e sponses 
g e n e rat e d at at l e ast on e of th e plural G e r\^ e rG in r e spons e to an incoming network service 
request fi-om a s e rvic e r e qu e sting cli e nt in ord e r to provide rodimdancy , comprising: 
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receiving the an incoming network service request from a service requesting client and 
forwarding the request pursuant to a tolerance protocol to respective ones of plural protected 
servers ; 

generating th e plural respective responses to the incoming network service request and 
forwarding the plural respective responses , the respective responses generated in response to 
the incoming network service request in order to provide redundancy ; 

applying at least two acceptance monitors respective one or mor e acceptance tests to 
the plural respective responses and forwarding respective acceptance test results; 

polling analyzing the acceptance test results to determine a preferred response based on 
the respective acceptance test results of the plural r e sponsos bas e d upon th e poll ; and 

forwarding the preferred response to the service requesting client. 

19 (Currently Amended): A method for dynamically reconfiguring communication 
among network components pursuant to multiple tolerance protocols to minimize the impact of 
an intrusive event on plural protected servers by providing plural r e spons e s to an incoming 
n e twork servic e requ e st, th e plural r e spons e s g e n e rat e d at at l e ast on e of th e prot e ct e d s e rv e rs 
in r e spons e to an incoming net>^^ork sorvico request from a s e rvic e r e qu e sting cli e nt in order to 
provid e r e dundancy , comprising: 

receiving the an incoming network service request from a service requesting client and 
forwarding the request pursuant to a tolerance protocol to respective ones of plural protected 
servers ; 

generating th e plural respective responses to the incoming network service request and 
forwarding the plural respective responses , the respective responses generated in response to 
the incoming network service request in order to provide redundancy ; 
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applying at least two acceptance monitors respective on e or mor e acceptance tests to 
the plural respective responses and forwarding respective acceptance test results; 

polling analyzing the acceptance test results to determine a preferred response based on 
the respective acceptance test results; of the plural r e spons e s based upon th e poll; and 

forwarding the preferred response to the service requesting client; 

detecting any anomalies in operation of the network; and 

revising the tolerance protocol and a network forwarding scheme in response to an 
anomaly in operation of the network. 

20 (Previously Presented): A method according to Claim 1 8, wherein the receiving the 
incoming network service request further comprises: 

receiving the incoming network service request at a proxy server. 

21-22 (Cancelled). 

23 (Currently Amended): A method according to Claim 18, wherein the receiving the 
incoming network service request further comprises: 

forwarding the incoming network service request on multiple indep e nd e nt paths. 

24 (Currently Amended): A method according to Claim 1 8, wherein the generating the 
plural respective responses comprises: 

generating the plural respective responses at any of the protected servers. 

25-26 (Cancelled). 



7 



Application No. 09/878,824 

Reply to Office Action of October 4, 2005 and the Advisory Action dated January 23, 2006 

27 (Currently Amended): A method according to Claim 18, wherein the forwarding 
the plural respective responses comprises: 

forwarding the plural respective responses on multiple independ e nt paths. 

28-29 (Canceled). 

30 (Currently Amended): A method according to Claim 18, wherein the forwarding 
the respective acceptance test results comprises: 

forwarding the respective acceptance test results fi"om the acceptance monitors to a 
ballot monitor. 

31 (Currently Amended): A method according to Claim 18, wherein the forwarding 
the respective acceptance test results comprises: 

forwarding the respective acceptance tests results from the acceptance monitors to 
multiple ballot monitors. 

32 (Currently Amended): A method according to Claim 18, wherein the forwarding 
the respective acceptance test results comprises: 

forwarding the respective acceptance tests results from the acceptance monitors on 
multiple indopondont paths. 

33 (Currently Amended): A method according to Claim 18, wherein the polling 
analyzing the acceptance test results comprises: 

polling the respective acceptance test results at a ballot monitor. 
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34 (Currently Amended): A method according to Claim 18, wherein the polling 
analyzing the acceptance test results comprises: 

applying multiple polling routines. 

35 (Currently Amended): A method according to Claim 18, wherein the polling 
analyzing the acceptance test results comprises: 

applying multiple polling routines to fee responses from each of a multiplicity of ballot 
monitors. 

36 (Currently Amended): A method according to Claim 18, wherein at least one of 
receiving an incoming network service request, generating the plural respective responses, 
applying on e or mor e respective acceptance tests, polling analyzing the acceptance test results, 
and forwarding the preferred response comprises: 

utilizing a separate processor to enhance independence of operation and minimize the 
impact of the intrusive event. 

37 (Currently Amended): A method according to Claim 19, wherein the revising the 
tolerance protocol and network forwarding scheme further comprises: 

forwarding the plural respective responses on multiple indep e nd e nt paths. 

38 (Currently Amended): A method according to Claim 19, wherein the revising the 
tolerance protocol and network forwarding scheme comprises: 

forwarding the plural respective responses to multiple ind e p e nd e nt of the acceptance 
monitors. 
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39 (Currently Amended): A method according to Claim 19, wherein the revising the 
tolerance protocol and network forwarding scheme comprises: 

forwarding r e sults of the applied acceptance test result s to multiple ind e p e nd e nt ballot 
monitors. 

40 (Currently Amended): A method according to Claim 19, wherein the revising the 
tolerance protocol and network forwarding scheme comprises: 

forwarding the preferred response to multiple ind e p e nd e nt proxy servers. 

41 (Previously Presented): A method according to Claim 19, wherein the revising the 
tolerance protocol and network forwarding scheme further comprises: 

comparing any detected anomalies with known anomalies to identify a predetermined 
intrusion tolerance protocol. 

42 (Currently Amended): A method according to Claim 19, wherein the revising the 
tolerance protocol and network forwarding scheme comprises: 

determining em which of the acceptance monitors that will be used to support a selected 
tolerance protocol. 

43 (Previously Presented): A method according to Claim 19, wherein the revising the 
tolerance protocol and network forwarding scheme comprises: 

determining a ballot monitor that will be used to support the a selected tolerance 
protocol. 
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44 (Previously Presented): A method according to Claim 19, wherein the revising the 
tolerance protocol and network forwarding scheme comprises: 

determining a proxy server that will be used to implement a selected tolerance protocol. 

45 (Previously Presented): A method according to Claim 19, wherein the revising the 
tolerance protocol and network forwarding scheme comprises: 

prioritizing multiple incoming network service requests. 
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